Collaborate Disseminate
Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access…. Continue reading How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs
Security Information and Event Management (SIEM) products provide real-time analysis of security alerts generated by security solutions such as Imperva Cloud Web Application Firewall (WAF). Many organizations implement a SIEM solution to bring visibili… Continue reading How to Deploy a Graylog SIEM Server in AWS and Integrate with Imperva Cloud WAF
Docker is a technology that allows you to perform operating system level virtualization. An incredible number of companies and production hosts are running Docker to develop, deploy and run applications inside containers. You can interact with Docker v… Continue reading Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners
Another remote code execution vulnerability has been revealed in Drupal, the popular open-source Web content management system. One exploit — still working at time of this writing — has been used in dozens of unsuccessful attacks against ou… Continue reading Latest Drupal RCE Flaw Used by Cryptocurrency Miners and Other Attackers
Your Wi-Fi routers and access points all have strong WPA2 passwords, unique SSIDs, the latest firmware updates, and even MAC address filtering. Good job, networking and cybersecurity teams! However, is your network truly protected? TL;DR: NO! In this p… Continue reading No One is Safe: the Five Most Popular Social Engineering Attacks Against Your Company’s Wi-Fi Network
Botnets have been around for over two decades, and with the rise of the Internet of Things (IoT) they have spread further to devices no one imagined they would – printers, webcams, and even toasters and fridges. Some botnets enlist infected devic… Continue reading The Challenges of DIY Botnet Detection – and How to Overcome Them
DDoS attacks are usually measured by the amount of bandwidth involved, such as the 1.35 Terabits per second (maximum) attack directed at GitHub last year, the largest DDoS attack ever at the time. However, in DDoS attack mitigation, it’s not the … Continue reading This DDoS Attack Unleashed the Most Packets Per Second Ever. Here’s Why That’s Important.
Most database breaches are blamed on insiders such as employees who are either malicious or whose security has been compromised. In fact, most of these breaches are actually caused by poor security configuration and privilege abuse. Every new database … Continue reading Seven Must-Dos to Secure MySQL 8.0
As a web application firewall provider, part of our job at Imperva is to continually monitor for new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, new… Continue reading The State of Web Application Vulnerabilities in 2018
We recently discovered that the latest version of Scapy, a powerful packet manipulation tool used by cybersecurity researchers and network engineers, is susceptible to a Denial of Service (DoS) vulnerability. Ironically, we found this vulnerability whi… Continue reading Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attack CVE pending